[Hawkular-dev] ${project.version} in dependency versions considered harmful

[John Mazzitelli]

FYI:

----- Forwarded Message -----
Subject: ${project.version} in dependency versions considered harmful

Hey everyone,

I just wanted to give a little PSA about this insidious little 
expression (see $subject).

Using that expression in dependency declarations seems like a shortcut, 
but it can go wrong in SO MANY WAYS. By far the most common problem is 
the use of ${project.version} in a BOM or parent POM.

If anyone inherits from that parent POM or imports that BOM in an 
external project, that external project's version will be used in place 
of the one that the parent POM / BOM intended, and all of your carefully 
managed dependencies will be wrong.

Example: jboss-as-console-bom-2.5.5.Final-redhat-1.pom

This declares org.jboss.as:console-spi:sources:${project.version}:jar.

Then, the Teiid build imports that BOM and uses it when it builds 
against the console-core library. The above sources jar listed as a 
second-level dependency (coming in via console-core) uses the Teiid 
project version, and everything grinds to a halt.

Please, if you find dependency declarations using ${project.version}, 
fix it! If there are many, many references, simply switch to using a 
property (eg. ${consoleVersion} in place of ${project.version})...and 
DON'T use ${project.version} as the value for that property.